|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
借贷协议 Sonne Finance 于 5 月 14 日遭遇黑客攻击,导致价值约 2000 万美元的加密货币被盗。 Web3 安全公司 Cyvers 发现了涉及 Sonne Finance 的 USDC 和 WETH 合约的持续攻击。尽管黑客立即暂停了操作,但在被发现之前已经窃取了大量资金。 Sonne 目前正在研究追回被盗资金的方案,包括与漏洞利用者签订可能的错误赏金协议。然而,攻击者尚未对这些尝试做出回应,并将部分战利品转移到新的钱包地址。

Sonne Finance Suspends Operations After Devastating Hack Drains $20 Million in Cryptocurrencies
Sonne Finance 在遭受毁灭性黑客攻击导致 2000 万美元加密货币流失后暂停运营
May 15, 2023
2023 年 5 月 15 日
In a severe blow to the decentralized finance (DeFi) ecosystem, lending protocol Sonne Finance has been forced to halt operations following a sophisticated cyberattack that siphoned approximately $20 million worth of cryptocurrencies from its platform.
借贷协议 Sonne Finance 因复杂的网络攻击从其平台上窃取了价值约 2000 万美元的加密货币,被迫停止运营,这对去中心化金融 (DeFi) 生态系统造成了严重打击。
Initial Detection and Response
初步检测和响应
On May 14th, at approximately 10:30 pm UTC, Web3 security firm Cyvers intercepted an ongoing attack targeting Sonne Finance's USD Coin (USDC) and Wrapped Ether (WETH) smart contracts. However, by the time Sonne Finance became aware of the situation roughly 25 minutes later, the perpetrator had already plundered significant amounts of cryptocurrency, including $20 million in WETH, VELO, soVELO, and Wrapped USDC.
5 月 14 日,世界标准时间晚上 10:30 左右,Web3 安全公司 Cyvers 拦截了针对 Sonne Finance 的美元硬币 (USDC) 和 Wrapped Ether (WETH) 智能合约的持续攻击。然而,大约 25 分钟后,当 Sonne Finance 意识到这一情况时,犯罪者已经掠夺了大量加密货币,其中包括价值 2000 万美元的 WETH、VELO、soVELO 和 Wrapped USDC。
Prompt Action and Investigation
迅速采取行动和调查
Shortly after the breach was discovered, Sonne Finance swiftly took action by suspending all markets on Optimism and partnering with Cyvers to launch a comprehensive investigation. The protocol is actively exploring all avenues for recovering the stolen funds, including negotiations with the hacker for a potential bug bounty.
发现漏洞后不久,Sonne Finance 迅速采取行动,暂停 Optimism 上的所有市场,并与 Cyvers 合作开展全面调查。该协议正在积极探索追回被盗资金的所有途径,包括与黑客就潜在的错误赏金进行谈判。
Negotiations and Hacker's Response
谈判和黑客的回应
Unfortunately, the hacker has thus far been unwilling to engage in negotiations. According to blockchain investigator PeckShield, the exploiter has already transferred a substantial portion of the stolen assets (approximately $7.8 million) to a fresh wallet address.
不幸的是,黑客迄今不愿参与谈判。据区块链调查员 PeckShield 称,攻击者已经将大部分被盗资产(约 780 万美元)转移到一个新的钱包地址。
Evasive Tactics and Privacy Concerns
规避策略和隐私问题
The hacker's subsequent actions indicate an intent to launder the stolen funds through a privacy-enhancing protocol such as Tornado Cash. By leveraging such mechanisms, the perpetrator aims to hinder traceability and conceal the illicitly obtained cryptocurrencies.
黑客随后的行为表明其意图通过 Tornado Cash 等隐私增强协议来清洗被盗资金。通过利用此类机制,犯罪者旨在阻碍可追溯性并隐藏非法获得的加密货币。
Exploitation Root Cause Analysis
漏洞利用根本原因分析
Sonne Finance's internal investigation has revealed that the attack was executed through a donation attack on Sonne's Compound v2 forks, which had a previously identified security vulnerability. Community member PoorBabyCorn has attributed the incident to Sonne Finance's decision to employ Compound v2 despite being aware of the associated risks, raising concerns about potential security breaches.
Sonne Finance 的内部调查显示,这次攻击是通过对 Sonne 的 Compound v2 分叉进行捐赠攻击来执行的,该分叉存在之前发现的安全漏洞。社区成员 PoorBabyCorn 将此事件归因于 Sonne Finance 尽管意识到相关风险,但仍决定采用Compound v2,引发了对潜在安全漏洞的担忧。
Parallel Hedge Fund Breach
平行对冲基金违规
In a separate incident, the main hedge fund operated by crypto institutional investment firm BlockTower Capital has reportedly fallen victim to an exploit, resulting in a partial depletion of its assets. The stolen funds remain unrecovered, and BlockTower has engaged blockchain forensic analysts to unravel the details of the breach and identify the perpetrators.
据报道,在另一起事件中,加密机构投资公司 BlockTower Capital 运营的主要对冲基金已成为漏洞的受害者,导致其部分资产耗尽。被盗资金仍未追回,BlockTower 已聘请区块链取证分析师来查明违规细节并识别肇事者。
Ongoing Investigations and Security Implications
正在进行的调查和安全影响
Both Sonne Finance and BlockTower Capital continue to collaborate with law enforcement and security experts to investigate the respective attacks and apprehend the responsible parties. These incidents underscore the critical importance of robust security measures and continuous due diligence within the DeFi ecosystem to safeguard user funds and maintain trust in the industry.
Sonne Finance 和 BlockTower Capital 都继续与执法和安全专家合作,调查各自的攻击并逮捕责任方。这些事件凸显了 DeFi 生态系统内强有力的安全措施和持续尽职调查对于保护用户资金和维持行业信任的至关重要性。
免责声明:info@kdj.com
所提供的信息并非交易建议。根据本文提供的信息进行的任何投资,kdj.com不承担任何责任。加密货币具有高波动性,强烈建议您深入研究后,谨慎投资!
如您认为本网站上使用的内容侵犯了您的版权,请立即联系我们(info@kdj.com),我们将及时删除。
-
- 比特币、eCash 分叉和空投动态:深入探讨加密货币的最新争议
- 2026-05-03 00:52:02
- 探索最近的 eCash 分叉、其作为高风险空投的分类,以及对比特币和加密生态系统的更广泛影响。
-
-
- 美联储维持利率稳定,地缘政治紧张局势引发比特币价格下跌
- 2026-05-01 04:04:38
- 美联储维持利率的决定,加上中东冲突,影响了比特币的价格。分析近期趋势和市场反应。
-
-
-
-
-
-

































